About Richard Stiennon

Posts by Richard Stiennon

The Pace of US Cyber-Preparedness is Accelerating

Three recent moves by the Pentagon, State Department and White House indicate that the pace of preparation for engaging in offensive cyber attacks is increasing.

Security Intelligence Enters the Mainstream

If you spend any time with the top banks and defense contractors you will have noticed a dramatic change in their approach to defending their networks from intrusions. Traditional security operations of vulnerability management, configuration management, and policy exceptions are being beefed up dramatically. New teams are being formed to counter...

Clean Up That Network Traffic

Here at IT-Harvest Global Headquarters we have installed a new technology: reverse osmosis water filtering. Our water may have lost some of its tang but it is clean. Even our ice-cubes are clearer now. Reverse-osmosis is an apt metaphor for Corero’s new positioning. Long known for their Denial of Service Defense and Intrusion Prevention...

Arms dealing in cyberspace: Questions we need to answer

Alex Sanchez, Research Fellow at the Council on Hemispheric Affairs, and participant in the International Cybersecurity Dialogue, introduces the issues surrounding cyber arms dealing, especially as they relate to Latin America, in today's Cyber Domain blog on Forbes.com. At the last meeting of the ICD, Alex introduced the question of cyber...

Skillz are more important than your degree in security

Two words: “Learn tools.” It’s graduation season and time to address careers in IT security. I can’t help thinking back to May 1982, the month 30 years ago when I graduated from the University of Michigan as an aerospace engineer. I had done the rounds of campus interviews but was not excited about going to work for...

It's time to stop coddling DNS Changer Trojan victims; let them learn the hard way

The last thing we need is the FBI acting as our cyber nanny. Last November, a massive botnet for the DNS Changer Trojan had been taken down thanks to the FBI and law enforcement in Estonia. Six men were arrested for using the botnet of more than 500,000 infected machines, many of them within the U.S. government, to redirect web browsers to...

If you feel you need big data for security, you are doing something wrong

I have been fighting the same battle for 12 years. It all started with IDS, a passive system for comparing network traffic to a set of signatures and generating alerts every time a match occurred. Because IDS was never put in-line, there was no cost to performance or risk from false positives, so signatures blossomed. Open-source communities...

The first thing we do, is hack all the lawyers

It was 1994 and I was presenting at a conference on security and privacy on that newfangled Internet thing. As founder of an ISP (Rust.net) in the Midwest, I did a lot of such events. One of the other speakers was an attorney from the US Justice Department. He fielded a question from the audience regarding email security. His response...

VeriSign breach revelation raises questions of SSL cert, DNS compromise

Joseph Menn of Reuters reported Thursday on an attack on VeriSign in 2010. He had picked up on a brief notice in VeriSign’s 10-Q SEC quarterly report.

Deploy Red Team to root out excess privilege — or end up red-faced

While outside pen testing is important, it does not address the bigger problems facing the enterprise today: sophisticated attackers who use escalated privileges to subvert business processes.

Segmenting the IT security market: What you need to know

There are only four segments to the protective IT security space. My detailed list of categories that I use to track the IT security industry has about 85 entries. But I have found it useful to think of IT security in four primary buckets. In my analysis, I focus a great deal on countering attacks so these categories leave out the products that...

Top-down cyber defense is an upside-down approach

Wired’s Danger Room has reported (http://www.wired.com/dangerroom/2012/01/nsa-cant-defend/) that General Keith Alexander is throwing in the towel. In an address to the FBI-sponsored International Conference on Cyber Security he is quoted: “15,000 enclaves: You can’t see ‘em all. You cannot defend them all,”...

Bad business: LinkedIn criminals get connected

We have been down this road before. A popular interactive service passes over a peak on its way to universality and the spammers pile on. Sometimes the service fails — remember network news? Sometimes it recovers — think email. Sometimes, there is a constant battle to keep spam down, as in SMS spam in Japan. LinkedIn is a target...

DigiNotar breach – 2011’s most important attack

DigiNotar was the most important security event of 2011, with profound implications for 2012 and beyond. I know that may be an overly dramatic statement in a year that saw the RSA hack, the Sony PlayStation Network DDoS and breach, and the rise and fall of LulzSec. But those other events were mere escalations of existing threat levels. The RSA...
